A vulnerability was found in Sun Solaris up to 7.0 (Operating System). It has been classified as critical. This affects the function print_domain_name of the file snoop. The manipulation with an unknown input leads to a memory corruption vulnerability. CWE is classifying the issue as CWE-119. The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer. This is going to have an impact on confidentiality, integrity, and availability. The summary by CVE is:

Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is running in verbose mode.

The weakness was published 12/07/1999 by FIRST (Website). The advisory is shared at securityfocus.com. This vulnerability is uniquely identified as CVE-1999-0973. The exploitability is told to be easy. It is possible to initiate the attack remotely. No form of authentication is needed for exploitation. Technical details and a public exploit are known.

A public exploit has been developed in ANSI C. The exploit is shared for download at securityfocus.com. It is declared as proof-of-concept. We expect the 0-day to have been worth approximately $5k-$25k.

Upgrading eliminates this vulnerability.

The vulnerability is also documented in the databases at Exploit-DB (19663) and SecurityFocus (BID 858†). Similar entry is available at VDB-15041. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Productinfo

Type

• Operating System

Vendor

• Sun

Name

• Solaris

Version

• 2.3
• 2.4
• 2.5
• 2.5.1
• 2.6
• 7.0

License

• commercial

Support

• end of life (old version)

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion